80x24 ("Company," "we," "us") operates the tongues translation service ("Service"). This Privacy Policy explains how we collect, use, store, and protect your personal information in accordance with Korea's Personal Information Protection Act (PIPA).
We collect and use personal information for the following purposes:
Account management: Email verification, login authentication, and account identification.
Service delivery: Domain registration, translation processing, usage tracking, and billing.
Communication: Service announcements, policy change notifications, and support responses.
Service improvement: Aggregate usage statistics and performance optimization.
2. Types of Personal Information Collected
We collect only the minimum information necessary to provide the Service:
Email address: Provided during registration for account identification and communication.
One-time verification codes (OTP): Generated for email verification; automatically deleted after use or expiration.
Authentication tokens (JWT): Issued upon successful verification for session management; stored client-side only.
Domain names: Registered by Users to receive translation services.
Usage statistics: Monthly request counts and text counts per domain.
Subscription information: Plan tier, subscription ID, and customer ID (processed through Polar).
Translation content: Text content submitted for translation; cached for performance purposes.
We do not collect: names, phone numbers, physical addresses, payment card details (handled entirely by Polar), IP addresses for tracking, or browser fingerprints.
3. Retention & Destruction of Personal Information
We retain personal information only as long as necessary to fulfill its purpose:
Account data (email, domains, subscription): Retained until account deletion. Upon deletion, permanently removed within 24 hours.
OTP codes: Automatically deleted after verification or after 10 minutes, whichever comes first.
JWT tokens: Stored client-side only; not retained on our servers.
Translation cache (Redis): Retained for up to 24 hours for performance, then automatically expired.
Translation cache (SQLite): Retained as a shared domain-level cache; not tied to individual accounts.
Usage statistics: Reset monthly; historical statistics are not individually identifiable.
When personal information is no longer needed, we destroy it promptly using methods that prevent recovery (database deletion, memory clearing).
Statutory retention: Where applicable laws require retention of certain records (e.g., electronic commerce transaction records under the Act on Consumer Protection in Electronic Commerce), we retain only the legally required data for the prescribed period.
4. Provision of Personal Information to Third Parties
We do not sell, rent, or share your personal information with third parties except as described below:
Anthropic (Claude AI): Translation text content is sent to Anthropic's Claude API for AI-powered translation. Anthropic processes this data solely for generating translations and does not retain it beyond the API request. See Anthropic's Privacy Policy.
Polar: Email address and subscription data are shared with Polar for payment processing and subscription management. See Polar's Privacy Policy.
Upstash: Translation content is cached on Upstash Redis for performance. Data is encrypted in transit and automatically expired. See Upstash's Privacy Policy.
We may also disclose information when required by law, court order, or government request.
5. Overseas Transfer of Personal Information
In accordance with PIPA Articles 17 and 39-12, we inform you that personal information may be transferred overseas for the following purposes:
Anthropic (United States): Translation text content is transmitted to Anthropic's API servers for AI translation processing. Data is encrypted in transit (TLS). Anthropic does not retain input data beyond the API request lifecycle.
Polar (United States): Email and subscription data are transmitted for payment processing.
Upstash (Global edge network): Translation cache data is stored on Upstash's globally distributed Redis infrastructure with automatic TTL-based expiration.
We ensure that all overseas data transfers are conducted with appropriate safeguards, including encryption in transit and contractual obligations for data protection.
6. Rights of Data Subjects
In accordance with PIPA Articles 35 through 37, you have the following rights regarding your personal information:
Right to access: You may request access to the personal information we hold about you.
Right to correction: You may request correction of inaccurate personal information.
Right to deletion: You may request deletion of your personal information. You can delete your account at any time through the dashboard or by emailing hello@80x24.ai.
Right to suspend processing: You may request that we suspend the processing of your personal information.
To exercise any of these rights, contact us at hello@80x24.ai. We will respond within 10 days of receiving your request, as required by law. If we cannot fulfill your request, we will notify you of the reason.
You may also exercise these rights through a legal representative or authorized agent with a valid power of attorney.
7. Automated Decision-Making & Profiling
tongues does not engage in automated decision-making or profiling that produces legal effects or similarly significant effects on Users. The AI translation service processes text content solely for the purpose of language translation and does not analyze, profile, or make decisions about individual Users.
8. Cookies & Local Storage
tongues does not use cookies for tracking or advertising purposes.
We use browser localStorage for the following functional purposes only:
Translation cache (L1): Previously translated text is cached locally in the visitor's browser to reduce server requests and improve page load speed. This data does not contain personal information and is limited to translated text strings.
Authentication token: Your JWT session token is stored in localStorage for maintaining your login session on the dashboard.
You can clear localStorage at any time through your browser settings. Clearing localStorage will log you out of the dashboard and require translations to be re-fetched from the server.
9. Security Measures
We implement the following technical and organizational measures to protect your personal information:
Encryption in transit: All data transmission uses TLS (HTTPS) encryption.
Authentication security: Email-based OTP verification with rate limiting and attempt restrictions. JWT tokens with expiration.
Access control: Administrative API endpoints are protected by separate authentication. Database access is restricted to the application server.
Data minimization: We collect only the information necessary to provide the Service.
Automatic data expiration: OTP codes, Redis cache entries, and usage statistics are automatically expired or reset.
Infrastructure security: The Service is hosted on Fly.io with isolated application containers and encrypted storage volumes.
10. Children's Privacy
tongues does not knowingly collect personal information from children under the age of 14. If we become aware that a child under 14 has provided personal information without verifiable parental consent, we will promptly delete that information.
If you believe a child under 14 has provided us with personal information, please contact us at hello@80x24.ai.
11. Privacy Officer & Contact Information
For any privacy-related inquiries, requests, or complaints, please contact:
You may also file a complaint with the following organizations:
Personal Information Protection Commission (PIPC):pipc.go.kr
Korea Internet & Security Agency (KISA) Privacy Center: 118 (no area code)
Supreme Prosecutors' Office Cyber Investigation Division: 1301 (no area code)
National Police Agency Cyber Bureau: 182 (no area code)
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we do:
Changes will be posted on this page with an updated effective date.
We will provide at least 7 days' prior notice before changes take effect.
If changes are unfavorable to Users (e.g., expanding the scope of data collection or third-party sharing), we will provide at least 30 days' prior notice and notify affected Users individually via email.
Your continued use of the Service after the effective date constitutes acceptance of the updated Privacy Policy.